- Gemini Pro 2.5 is a stunningly capable coding assistant - and a big threat to ChatGPT
- This smart planter uses NASA tech to harvest vegetables at home - my buying advice after 45 days
- 7 password rules security experts live by in 2025 - the last one might surprise you
- New AI education initiatives show the way for knowledge retention in enterprises
- Want to extend your iPhone battery life? Stop making this common mistake
High-Risk Vulnerability Found in ABB’s Flow Computers
A path-traversal vulnerability has been discovered in ABB Totalflow flow computers and controllers that could lead to code injection and arbitrary code execution (ACE).
The high-risk vulnerability (tracked CVE-2022-0902) has a CVSS v3 of 8.1 and affected several ABB G5 products. It has been discovered by security experts at Team82, Claroty’s research arm.
“Attackers can exploit this flaw to gain root access on an ABB flow computer, read and write files, and remotely execute code,” the company wrote in an advisory published on Tuesday.
In particular, attackers could try to exploit the vulnerability by creating a specially crafted message and sending it to an affected system node.
The procedure would require the attacker to have access to the system network, either directly or through a wrongly configured or breached firewall. They could also install malicious software on a system node or infect the network itself with malicious software.
Team82 has said it disclosed the vulnerability to ABB, which promptly released a firmware update that resolves the vulnerability in several product versions.
“The update removes the vulnerability by modifying the way that the Totalflow protocol validates messages and verifies input data,” ABB explained.
The advisory also recommends network segmentation as a mitigation strategy.
“To mitigate this vulnerability, the ABB device should only be connected to a network segment that restricts access to authorized users,” reads the ABB technical write-up. “The vulnerability is only exposed when the attacker has access to the network where the ABB device is running Totalflow TCP protocol.”
Further mitigation strategies include installing physical controls so no unauthorized personnel can access devices and networks and scanning all data imported into environments before use to detect potential malware infections.
A complete list of security recommendations, alongside details about CVE-2022-0902, is available in the original text of the ABB advisory.
The mitigation comes weeks after the Cybersecurity and Infrastructure Security Agency (CISA) issued a new report outlining cybersecurity performance goals (CPGs) for critical infrastructure sectors.
